Reply
Highlighted
Polycom Employee & Community Manager
Posts: 14,015
0

[UPDATE] Update to ZTP Certificates Technical Notification 117101

This technical notification provides important information regarding certificate changes to be made to the Polycom Zero Touch Provisioning (ZTP) system, due to be implemented in the first half of 2016

 

The above was actioned on the 21/June/2016

 

Background

  • As of January 2016, support for new SHA-1 certificates will be ended, and all certificate authorities will cease to issue SHA-1 based certificates. Existing SHA-1 certificates will remain valid until their expiration date, but no new SHA-1 certificates will be issued. All users of SHA-1 certificates will be expected to migrate to SHA-2 to ensure that no interruption to service is seen due to expiring certificates.

    All Polycom phones that are registered with the Zero Touch Provisioning (ZTP) system currently make use of a SHA-1 certificate when establishing authentication between the phone and ZTP server. All Polycom phones shipped from the factory include the appropriate certificate for ZTP authentication. However, in the event of a certificate mismatch, the phone will not be authenticated and the ZTP service will not provide redirection information. This will be the case if even if the MAC address of the phone has successfully been stored within the ZTP system.

    It is Polycom's intent to migrate the ZTP system to use SHA-2 certificates to support authentication. The timing of this change and potential impacts to the ZTP service is the subject of this Technical Notification.
Please be aware:

The purpose of these forums is to allow community members collaborate and help each other.
Questions posted here do not follow Polycom’s SLA guidelines.
If you require assistance from Polycom technical support, please open a
web service request or call us .

The above is necessary in order to track issue internally within Polycom.

You are welcome to post more questions or configuration or logs for other community members to look at but if your issue requires a fix via Polycom you must go via the official support structure.

Please ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's

Please remember, if you see a post that helped you , and it answers your question, please mark it as an "Accept as Solution".

This forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.
Polycom employee participation within this community is not mandatory and any post or FAQ article provided by myself is done either during my working hours or outside working hours, in my private time, and may be answered on weekends, bank holidays or personal holidays.